Scribd
Upload
144 views

Proventia Administratorguide

Firewall, UTM

Uploaded by

Fernando Bolivar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
144 views

Proventia Administratorguide

Firewall, UTM

Uploaded by

Fernando Bolivar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 48

Administrator Guide

Firmware version 3.11

Internet Security Systems, Inc.


6303 Barfield Road
Atlanta, Georgia 30328-4233
United States
(404) 236-2600
http://www.iss.net
Internet Security Systems, Inc. 2003-2007. All rights reserved worldwide. Customers may make reasonable numbers of copies
of this publication for internal use only. This publication may not otherwise be copied or reproduced, in whole or in part, by any
other person or entity without the express prior written consent of Internet Security Systems, Inc.
Patent pending.
Internet Security Systems, ADDME, ActiveAlert, AlertCon, the AlertCon logos, FireCell, FlexCheck, SecurityFusion,
SecurePartner, SiteProtector, SecureU, System Scanner, Virtual Patch, Wireless Scanner, and X-Press Update are trademarks and
service marks; Database Scanner, Internet Scanner, the Internet Security Systems logo, Online Scanner, Proventia, RealSecure,
SAFEsuite, Secure Steps, and X-Force are registered trademarks and service marks of Internet Security Systems, Inc. Network
ICE, the Network ICE logo, and ICEpac are trademarks, BlackICE a licensed trademark, and ICEcap a registered trademark of
Network ICE Corporation, a wholly owned subsidiary of Internet Security Systems, Inc. Powering Content Security is a
trademark and Cobion is a registered trademark of Cobion AG, a wholly owned subsidiary of Internet Security Systems, Inc.
SilentRunner is a registered trademark of Raytheon Company. Acrobat and Adobe are registered trademarks of Adobe Systems
Incorporated. Certicom is a trademark and Security Builder is a registered trademark of Certicom Corp. Check Point, FireWall1, OPSEC, Provider-1, and VPN-1 are registered trademarks of Check Point Software Technologies Ltd. or its affiliates. Cisco
and Cisco IOS are registered trademarks of Cisco Systems, Inc. HP-UX and OpenView are registered trademarks of HewlettPackard Company. IBM and AIX are registered trademarks of IBM Corporation. InstallShield is a registered trademark and
service mark of InstallShield Software Corporation in the United States and/or other countries. Intel and Pentium are registered
trademarks of Intel. Lucent is a trademark of Lucent Technologies, Inc. ActiveX, Microsoft, Windows, and Windows NT are
either registered trademarks or trademarks of Microsoft Corporation. Net8, Oracle, Oracle8, SQL*Loader, and SQL*Plus are
trademarks or registered trademarks of Oracle Corporation. Seagate Crystal Reports, Seagate Info, Seagate, Seagate Software,
and the Seagate logo are trademarks or registered trademarks of Seagate Software Holdings, Inc. and/or Seagate Technology,
Inc. Secure Shell and SSH are trademarks or registered trademarks of SSH Communications Security. iplanet, Sun, Sun
Microsystems, the Sun Logo, Netra, SHIELD, Solaris, SPARC, and UltraSPARC are trademarks or registered trademarks of Sun
Microsystems, Inc. in the United States and other countries. All SPARC trademarks are used under license and are trademarks
or registered trademarks of SPARC International, Inc. in the United States and other countries. Adaptive Server, SQL, SQL
Server, and Sybase are trademarks of Sybase, Inc., its affiliates and licensers. Tivoli is a registered trademark of Tivoli Systems
Inc. UNIX is a registered trademark in the United States and other countries, licensed exclusively through X/Open Company,
Ltd. All other trademarks are the property of their respective owners and are used here in an editorial context without intent of
infringement. Specifications are subject to change without notice.
Disclaimer: The information contained in this document may change without notice, and may have been altered or changed if
you have received it from a source other than ISS or the X-Force. Use of this information constitutes acceptance for use in an
AS IS condition, without warranties of any kind, and any use of this information is at the users own risk. ISS and the X-Force
disclaim all warranties, either expressed or implied, including the warranties of merchantability and fitness for a particular
purpose. In no event shall ISS or the X-Force be liable for any damages whatsoever, including direct, indirect, incidental,
consequential or special damages, arising from the use or dissemination hereof, even if ISS or the X-Force has been advised of
the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental
damages, so the foregoing limitation may not apply.
Reference herein to any specific commercial products, process, or service by trade name, trademark, manufacturer, or
otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by Internet Security Systems,
Inc. The views and opinions of authors expressed herein do not necessarily state or reflect those of Internet Security Systems,
Inc., and shall not be used for advertising or product endorsement purposes.
Links and addresses to Internet resources are inspected thoroughly prior to release, but the ever-changing nature of the Internet
prevents Internet Security Systems from guaranteeing the content or existence of the resource. When possible, the reference
contains alternate sites or keywords that could be used to acquire the information by other methods. If you find a broken or
inappropriate link, please send an email with the topic name, link, and its behavior to [email protected].
March 20, 2007

Contents
Preface
Overview . . . . . . . . . . . . . . . . . . . . . . .
About Proventia Appliance Documentation.
Conventions Used in this Guide . . . . . . . .
Getting Technical Support . . . . . . . . . . . .

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

5
6
7
8

Chapter 1: Licenses
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Installing Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Chapter 2: Firmware and Security Content Updates


Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Installing Updates from Proventia Manager . . . . . .
Getting Updates from an Alternate Update Server .
Installing Updates with the Manual Upgrader Utility .
Getting Updates through a Proxy Server . . . . . . . .

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

13
14
16
18
21

Chapter 3: Reinstalling the Firmware


Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Reinstalling the Firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

Chapter 4: Web Filter and Antispam Database Maintenance


Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Installing and Updating the Web Filter and Antispam Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Chapter 5: Maintenance Tools


Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Working with Maintenance Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Chapter 6: Back Up and Recovery


Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Policy Backups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Full System Backups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Chapter 7: System Diagnostics


Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
About System Diagnostics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Running Diagnostics and Downloading Test Results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

Chapter 8: Support
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Generating Support Files. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

Proventia Network Multi-Function Security Administrator Guide

Contents

Preface
Overview
Introduction

This guide provides information about performing Proventia Multi-Function Security


(MFS) appliance maintenance tasks such as creating backups, reinstalling the firmware,
and using the system diagnostics utility.

Scope

This guide includes basic information, guidelines, and required procedures for
maintaining your MFS appliance. It does not cover policy configuration.

Audience

This guide is intended for network security system administrators responsible for
maintaining updates, performing backups, and troubleshooting Proventia Network MFS
appliances. A fundamental knowledge of network security practices and IP network
configuration is helpful.

Proventia Network Multi-Function Security Administrator Guide

About Proventia Appliance Documentation


Introduction

This guide explains how to create backups, update firmware and security content,
maintain Web filter and antispam databases, and otherwise maintain your appliance.

Where to find the


latest product
information

For the latest appliance information, refer to the Help and the Readme file for your
product.

Related publications For information not included in this guide, see the following ISS Web sites:
Web site

Documents

www.iss.net/support/documentation

Frequently asked questions

Datasheets

Information about virtual private networks


and firewalls

Readme files

Product downloads and updates

www.iss.net/download/

Table 1: Web sites for additional information

Feedback

Your feedback is important to Internet Security Systems. Please send comments and
suggestions to [email protected].

Conventions Used in this Guide

Conventions Used in this Guide


Introduction

This topic explains the typographic conventions used in this guide to make information in
procedures and commands easier to recognize.

In procedures

The typographic conventions used in procedures are shown in the following table:
Convention

What it Indicates

Examples

Bold

An element on the graphical


user interface.

Type the computers


address in the IP Address
box.
Select the Print check box.
Click OK.

SMALL CAPS

A key on the keyboard.

Press ENTER.
Press the PLUS SIGN (+).

Constant
width

A file name, folder name,


path name, or other
information that you must
type exactly as shown.

Save the User.txt file in


the Addresses folder.
Type IUSR__SMA in the
Username box.

Constant
width
italic

A file name, folder name,


path name, or other
information that you must
supply.

Type Version number in


the Identification
information box.

A sequence of commands
From the taskbar, select
from the taskbar or menu bar. StartRun.

On the File menu, select


UtilitiesCompare
Documents.
Table 2: Typographic conventions for procedures

Command
conventions

The typographic conventions used for command lines are shown in the following table:
Convention

What it Indicates

Examples

Constant
width bold

Information to type in exactly


as shown.

md ISS

Italic

Information that varies


according to your
circumstances.

md your_folder_name

[]

Optional information.

dir [drive:][path]
[filename] [/P][/W]
[/D]

Two mutually exclusive


choices.

verify [ON|OFF]

{}

A set of choices from which


you must choose one.

% chmod {u g o
a}=[r][w][x] file

Table 3: Typographic conventions for commands

Proventia Network Multi-Function Security Administrator Guide

Getting Technical Support


Introduction

ISS provides technical support through its Web site and by email or telephone.

The ISS Web site

The Internet Security Systems (ISS) Resource Center Web site (http://www.iss.net/
support/) provides direct access to online user documentation, current versions listings,
detailed product literature, white papers, and the Technical Support Knowledgebase.

Support levels

ISS offers three levels of support:

Standard

Select

Premium

Each level provides you with 24x7 telephone and electronic support. Select and Premium
services provide more features and benefits than the Standard service. Contact Client
Services at [email protected] if you do not know the level of support your
organization has selected.
Hours of support

The following table provides hours for Technical Support at the Americas and other
locations:
Location

Hours

Americas

24 hours a day

All other
locations

Monday through Friday, 9:00 A.M. to 6:00 P.M. during their


local time, excluding ISS published holidays
Note: If your local support office is located outside the
Americas, you may call or send an email to the Americas
office for help during off-hours.

Table 4: Hours for technical support

Contact information

The following table provides electronic support information and telephone numbers for
technical support requests:
Regional
Office

Electronic Support

Telephone Number

North America

Connect to the MYISS


section of our Web site:

Standard:

www.iss.net

(1) (404) 236-2700

(1) (888) 447-4861 (toll free)


Select and Premium:
Refer to your Welcome Kit or
call your Primary Designated
Contact for this information.

Latin America

[email protected]

(1) (888) 447-4861 (toll free)


(1) (404) 236-2700

Table 5: Contact information for technical support

Getting Technical Support

Regional
Office

Electronic Support

Telephone Number

Europe, Middle [email protected]


East, and Africa

(44) (1753) 845105

Asia-Pacific,
Australia, and
the Philippines

[email protected]

(1) (888) 447-4861 (toll free)

Japan

[email protected]

(1) (404) 236-2700


Domestic: (81) (3) 5740-4065

Table 5: Contact information for technical support (Continued)

Proventia Network Multi-Function Security Administrator Guide

10

Chapter 1

Licenses
Overview
Introduction

This chapter explains how to install licenses.

In this chapter

This chapter contains the following topic:


Topic
Installing Licenses

Proventia Network Multi-Function Security Administrator Guide

Page
12

11

Chapter 1: Licenses

Installing Licenses
Introduction

This topic explains how to install licenses in Proventia Manager. You cannot update the
system without first installing your product licenses. You need a license for each feature
you plan to update.

Obtaining licenses

For instructions about how to obtain your product licenses, see the Welcome Kit and Order
Confirmation email you received from Internet Security Systems or go directly to the
License Registration Web site at the following location:
https://www1.iss.net/cgi-bin/lrc
Important: After you generate your licenses, save the licenses to an easily accessible

location such as a network share, a local computer, or a removable USB drive. You must be
able to access this location when you upload the licenses to the system.
Contacting license
support

Installing licenses in
Proventia Manager

You can contact ISS license support in the following ways:

email: [email protected] or [email protected]

online: www.iss.net/support

To install licenses in Proventia Manager:


1. Select Maintenance Licensing.
2. Click Browse, select the license, click Open, and then click Upload.
Tip: Licenses are issued as xml files such as iss_31362101_key.isslicense.xml.

You may want to rename this file with your appliance model and the related
functionality as follows:
M10_AV_iss_31362101_key.isslicense.xml

12

Chapter 2

Firmware and Security Content


Updates
Overview
Introduction

This chapter explains how to install updates from Proventia Manager and SiteProtector.
ISS provides numerous ways for you to download and install your updates. This ensures
that you can always update your antivirus, intrusion prevention, and firmware regardless
of how you are deploying your appliance.
Note: This chapter does not explain how to define your update policy. Refer to the Help
or the Policy Configuration Guide for details on update policy settings.

In this chapter

This chapter contains the following topics:


Topic

Page

Installing Updates from Proventia Manager

14

Getting Updates from an Alternate Update Server

16

Installing Updates with the Manual Upgrader Utility

18

Getting Updates through a Proxy Server

21

Proventia Network Multi-Function Security Administrator Guide

13

Chapter 2: Firmware and Security Content Updates

Installing Updates from Proventia Manager


Introduction

Task overview

This topic explains how to find, download, and install updates from Proventia Manager
for the following:

antivirus

intrusion prevention

firmware

The following table describes the tasks for manually updating the appliance:
Task

Description

Find available updates.

Download updates.

Install updates.

Table 6: Tasks for manually updating the appliance

Finding updates

To find available updates:


1. In Proventia Manager, select Maintenance Updates Status.
2. Click Find Updates.
3. Do one of the following:

Downloading
updates

If...

Then...

updates are available for


download

click View Available Downloads.

updates are available for


installation

click View Available Installs.

To download available updates, do one of the following:


If you want to...
download updates from the
Updates Status page

Then...
1. In Proventia Manager, select Maintenance Updates
Status.
2. Click Download Updates.

download updates from the


Updates to Downloads page

1. In Proventia Manager, select Maintenance Updates


Available Downloads.
2. Click Download All Available Updates.

Installing updates
manually

To install updates manually:


1. In Proventia Manager, select Maintenance Updates Available Installs.
Note: If the Export Administration Regulation window appears, then review the

agreement, select Yes, and then click Submit.

14

Installing Updates from Proventia Manager

2. Select the updates to install, and then click Install Updates.


Note: You must reboot the appliance after installing some updates.

Removing updates

Removing an update is referred to as a rollback. You can remove or roll back the
following:

the last intrusion prevention update and the update package

the two most recent antivirus updates and the update packages
Note: You cannot remove or roll back firmware updates.

Example

You can only roll back to an update that you specifically installed. The following example
illustrates the roll back process for cumulative updates:
Task

Description

You install version 1.1.

You skip version 1.2 and update to version 1.3.

You remove or roll back the 1.3 update.

The appliance returns to version 1.1.

Table 7: Example of the roll back process

Rolling back
updates

To roll back an update:


1. In Proventia Manager, select Maintenance Updates Status.
2. If you want to roll back either an antivirus update or an intrusion prevention update,
then click Rollback Last Update, and then click OK.

Troubleshooting

If you experience unusual behavior after you apply a firmware update, try the following:
1. Close the Web browser.
2. Clear the Java cache.
Note: For more information about how to clear the Java cache, see www.java.com/

en/download/help/5000020300.xml.

3. Restart the Web browser, and then log on to Proventia Manager.

Proventia Network Multi-Function Security Administrator Guide

15

Chapter 2: Firmware and Security Content Updates

Getting Updates from an Alternate Update Server


Introduction

The topic explains how to configure the appliance to get updates from an alternate update
server. Use an alternate update server when you do not want the appliance to contact ISS
and download updates over the Internet. Instead of contacting ISS for the updates, the
appliance contacts the update server. The update servers function is to retrieve and store
appliance updates and provide them to the appliance when requested.
Note: The appliance does not have to be registered in SiteProtector to get updates from an
alternate update server.
Note: This topic assumes that you have installed and configured the update server.

Gathering required
information

You need the following information about the update server:

host name or IP address

portthe port to which the update server is listening for download requests:

For the ISS Download Center (www.iss.net), the default port is 443.

For the SiteProtector X-Press Update Server, the default port if 3994.

authentication level between the appliance and the update server:

trust-all (the appliance always trusts connections with the SiteProtector update
server without the servers digital certificate)

explicit-trust (the appliance verifies the servers identify with the servers digital
certificate)

If you use the


explicit-trust level

If you want to use the explicit-trust authentication level, then you must manually copy the
required certificate to the appliance.

Copying required
certificates
manually

To copy a required certificate to the appliance manually:


1. Locate the following certificate file on the update server:
server-rsa.crt
Note: The file is stored in the following default location on the SiteProtector 2.0 SP5
update server:

Program Files\ISS\RealSecure SiteProtector\X-Press Update


Server\webserver\Apache2\conf\ssl.crt\
Note: The file is stored in the following default location on the SiteProtector 2.0 SP6
update server:

Program Files\ISS\SiteProtector\Application
Server\webserver\Apache2\conf\ssl.crt\

2. Use an SCP (Secure Copy) client such as WinSCP to copy the server-rsa.crt certificate
file to the following directory on the appliance:
/etc
Note: WinSCP is a third-party tool not supported by ISS. For information about how

to run the utility, see the product documentation for the utility.

16

Getting Updates from an Alternate Update Server

Getting updates
from SiteProtector

To configure the appliance to obtain updates from SiteProtector:


1. In the navigation pane, select Maintenance Updates Automatic Settings.
Note: If the Export Administration Regulation window appears, then review the

agreement, select Yes, and then click Submit.


2. Select the Alternate Update Server tab.
3. Select the Use Alternate Update Server option, and then complete the following
options:
Option

Description

Host or IP

Type the fully-qualified domain name or IP address of the SiteProtector


update server.

Port

Specify the port on which the appliance and the SiteProtector update
server communicate.
Default = 3994

Trust Level

Select one of the following:

Trust-allthe appliance always trusts connections with the


SiteProtector update server without the servers digital certificate.
Tip: This is the easiest way to set up the connection.

Explicit-trustthe appliance verifies the servers identify with the


servers digital certificate. You must manually copy the certificate to the
appliance and specify the CA Certificate box as described below.
Tip: This is a more secure connection than trust-all.

CA Certificate

provide the fully qualified path to where the certificate resides on the
appliance as in the following example:

/etc/server-rsa.crt

4. Click Save Changes.

Proventia Network Multi-Function Security Administrator Guide

17

Chapter 2: Firmware and Security Content Updates

Installing Updates with the Manual Upgrader Utility


Introduction

The Manual Upgrader utility retrieves update files from the Download Center. This topic
explains how to use the Manual Upgrader to download update files to the XPU server.

When to use this


procedure

Use the procedures in this topic to update your appliance manually in the following
situations:

Installing updates
with the Manual
Upgrader utility

Your appliance is configured to get updates from SiteProtector, but the SiteProtector
X-Press Update Server does not have Internet access.

Your appliance is configured to get updates from a stand-alone update server, but the
server does not have Internet access.

To install updates with the Manual Upgrader utility, you must do the following:
Task

Description

Configure the alternate update server.

Install the Manual Upgrader utility.

Run the Manual Upgrader utility.

Copy updates to the XPU server.

Install the updates.

Table 8: Tasks for installing updates with the Manual Upgrader utility

Configuring the
alternate update
server

To configure the alternate update server:


1. In Proventia Manager, select Maintenance Updates Automatic Settings.
2. Select the Alternate Update Server tab.
3. Select the Use Alternate Update Server check box.
4. Specify the Host or IP address of the XPU server.
5. Specify the Port on which the server is monitoring download requests.
For the SiteProtector X-Press Update Server, the default port is 3994.
Note: Confirm with the SiteProtector administrator that the port number has not

been changed.
6. Save your changes.
Installing the
Manual Upgrader

To install the Manual Upgrader utility:


1. Obtain the Manual Upgrader installation file from the ISS Download Center.
The file is located in the SiteProtector area under the Other tab.
2. Copy the file to a computer that has Internet access.
3. Extract the downloaded zip file to a convenient directory.
Note: If you enable the Use Folder Names option when you extract the zip file, then
the program extracts the files to a directory called ManualUpgrader.

18

Installing Updates with the Manual Upgrader Utility

Running the Manual


Upgrader

To run the Manual Upgrader:


1. On the computer where you installed the Manual Upgrader, navigate to the folder
containing the program.
2. Double-click ManualUpgrader.exe.
3. Browse to a valid license file, and then select the file.
4. Read the End User License Agreement, and then click I Accept.
Note: If the Export Agreement appears, read the agreement, and then click I Accept.

5. Click Yes on the Manual Upgrader dialog to download a new catalog of available
updates from the Web.
6. If you are prompted to download a Manual Upgrader update, click Yes.
The update is downloaded, and then you are prompted to download the most recent
catalog files.
7. Click Yes.
8. If an export agreement appears, accept it.
The newest catalog files are downloaded and all ISS product lines appear in the top
pane and all available operating systems appear in the bottom pane.
9. Select Catalog Latest Network Multi-Function Catalog to select only MFS content.
10. Select the ISS product lines and the operating systems for which you want to
download updates.
Note: You can select multiple product lines and operating systems if needed.

11. You can control how recent the updates are by selecting the Only Get Files Posted
Within This Many Days check box and specifying the number of days for which you
want to get updates.
12. Click Get Selected Updates.
Copying updates to
the XPU server

After you download the updates, you must copy the files to the appropriate directory on
the update server. You can use either the integrated XPU Server that is installed on the
same computer as the Application Server or an XPU Server that is installed on a separate
computer.
If you did not download the required files to the computer where the XPU Server is
installed, then you must transfer the files to that computer before you can apply the
updates.

Required
directories

You must copy the required files to specific directories on the computer where the XPU
Server is installed. If these directories do not exist, then you must create them before you
can apply the updates.
Important: When you create the directories, you must spell and capitalize the directory

names exactly as described in this topic.


Required directory
on integrated XPU
server

The directory path below assumes that you are creating the directories on the integrated
XPU Server and that this server is installed on the same computer as the Application
Server:

Proventia Network Multi-Function Security Administrator Guide

19

Chapter 2: Firmware and Security Content Updates

\Program Files\ISS\SiteProtector\Application
Server\webserver\Apache2\htdocs\XPU\Proventia\M-Series

Required directory
on remote XPU
server

If you are creating the directories on a remote XPU Server that is not installed on the same
computer as the Application Server, then you must create the directories in the following
directory path on the computer where the remote XPU Server is installed:
\Program Files\ISS\SiteProtector\X-Press Update
Server\webserver\Apache2\htdocs\XPU\

Installing the
updates

20

Depending on how you have configured Proventia Manager, the updates are either
installed automatically once they are available or you can install them manually.

Getting Updates through a Proxy Server

Getting Updates through a Proxy Server


Introduction

This topic provides information about how to enable the appliance to retrieve updates
through a proxy server.

Updating through a
proxy server

If the appliance must go through a Web proxy server to retrieve updates from ISS, then
you must enable the Web (HTTP) proxy service.

Enable the Web


proxy service

To enable the Web (HTTP) proxy service:


1. In Proventia Manager, select Configuration System Services.
2. Select the HTTP Proxy tab.
3. Select the Enable HTTP Proxy check box.
4. Specify the Address and Port of the HTTP proxy.
5. Click Save Changes.

Proventia Network Multi-Function Security Administrator Guide

21

Chapter 2: Firmware and Security Content Updates

22

Chapter 3

Reinstalling the Firmware


Overview
Introduction

This chapter explains how to install the firmware.

In this chapter

This chapter contains the following topic:


Topic
Reinstalling the Firmware

Proventia Network Multi-Function Security Administrator Guide

Page
24

23

Chapter 3: Reinstalling the Firmware

Reinstalling the Firmware


Introduction

This topic explains how to reinstall the firmware.

Considerations

Reinstalling the firmware takes the appliance off line and overwrites your custom policies
with the original factory defaults.
The recovery CD includes the Filter Database that came with your appliance. This
database is quickly out of date because database updates are released often. ISS
recommends that you reinstall only the firmware and thenafter the appliance is
deployeduse the Get Filter Database option in Proventia Manager to download the
latest database directly from the ISS Web site.

Prerequisites

Computer
requirements

computer (see Computer Requirements) or keyboard and monitor (for M50 models)

red crossover cable

serial cable

recovery CD

If you are connecting a computer to the appliance for this procedure, verify the computer
requirements below:
Note: No software is installed on the computer during this process; the computer is used
only to reinstall the firmware.
Requirement

Description

BIOS setting

Computer must be configured to allow it to boot from the CD drive.


Reference: For information on how to check or change your BIOS
settings, see your computer documentation or go online and
search for instructions. Commonly, pressing F12 during bootup
allows you to specify booting from a CD.

CPU

Pentium II or compatible

RAM

64MB

Drive

IDE CD-ROM Drive

Port

COM1

Network interface

3Com 3c905C

Intel PRO/100 or PRO/1000

3Com 3c574 or 3Com 3c575

Netgear FA511 or Netgear FA411

Intel PRO/100 S Mobile Adapter

ISS supports only the listed network cards. The Proventia M50
appliance automatically detects network interface cards.
Table 9: Computer requirements

24

Reinstalling the Firmware

Before you reinstall

If your appliance is still operational, do the following before you reinstall the firmware:

Back up your policies using a Settings Backup, and then download the backup files to
a remote location. You can restore your policies from the backup files after you
reinstall the appliance firmware.

Record the networking settings shown in the following table:


Mode

Network settings

Routing

IP addresses
subnet masks
default gateways for all interfaces
hostname
domain name
DNS name servers

Transparent

IP address
subnet mask
default gateway
hostname
domain name
DNS name server

Reinstalling the
firmware on an
M50 appliance

To reinstall the firmware on an M50 appliance:


1. Connect to the appliance:
If you are
using a...
computer

Then...
1. Connect the serial cable from your computer to the serial port on the
appliance.
2. Connect the red Ethernet crossover cable from the Ethernet port on
your computer to the Internal ETH0 port on the appliance.
3. On the computer, use an application such as HyperTerminal to
configure a terminal connection between the computer and the
appliance. Use the following settings:
Port = COM1 or other appropriate port
Bits Per Second = 9600
Data bits = 8
Parity = None
Stop bits = 1
Flow control = None
4. Start the connection.

keyboard and
monitor

connect the keyboard and monitor to the appliance.

2. Remove the front bezel.


3. Insert the Recovery CD in appliance CD drive.
4. Restart the appliance.

Proventia Network Multi-Function Security Administrator Guide

25

Chapter 3: Reinstalling the Firmware

5. When you see the boot: prompt, type reinstall, and then press ENTER.
6. Wait until the appliance reinstalls the software and automatically ejects Recovery CD.
Next Steps

You must run the Proventia Setup Assistant again to initialize the system. You must also
either reconfigure your policies or restore your policies from the backup files you made.

Reinstalling the
firmware on all
other models

To reinstall the firmware on any non-M50 appliance (that does not have a built-in CD
drive):
1. Turn off the appliance, and then disconnect it from the network.
2. Connect the serial cable from the console port on the appliance to the serial port on
your computer.
3. Connect the red Ethernet crossover cable from the internal port on the appliance to
the Ethernet port on your computer.
4. Insert the recovery CD into the CD drive on your computer, and then restart the
computer.
5. Wait until you see the following message:
***You may now boot your Proventia Appliance via the network***
***Starting Terminal Emulator***
***Press Control-G to Exit and Reboot***
Important: In the next step, you have only five seconds to press L after the Press L

prompt appears.
6. Turn on the appliance and watch the screen closely for the Press L prompt.
7. When you see the Press L to boot from LAN prompt, press the L key.
8. When you see the boot: prompt, type reinstall, and then press ENTER.
9. Wait until the appliance reinstalls the software.
10. When the installation is complete, press CONTROL+G to eject the CD and restart the
computer in normal mode.
Next Steps

26

You must run the Proventia Setup Assistant again to initialize the system. You must also
either reconfigure your policies or restore your policies from the backup files you made.

Chapter 4

Web Filter and Antispam Database


Maintenance
Overview
Introduction

This chapter explains how to install and update the Web Filter and Antispam database.

In this chapter

This chapter contains the following topic:


Topic
Installing and Updating the Web Filter and Antispam Database

Proventia Network Multi-Function Security Administrator Guide

Page
28

27

Chapter 4: Web Filter and Antispam Database Maintenance

Installing and Updating the Web Filter and Antispam Database


Introduction

This topic explains how to install and update the Web Filter and Antispam Database.
Important: You must perform these tasks locally in Proventia Manager. You cannot
perform these tasks in SiteProtector.

Viewing database
properties

To view the Web Filter and Antispam Database version and other properties:

In Proventia Manager, select Maintenance Filter DB.


The appliance displays the following database properties:
Property

Description

Mode

The current database status:

Version

Not installed

Installed

The local database version in the following format:


x.xxxx

Status

Download Progress

Installing the
database

The status of the local database:

Installed

Downloading

Updating

The progress of the local database download:

x% (percentage of completed download)

Indexing Database

To install the latest version of the Web Filter and Antispam Database:
Note: Installing the database does not take the appliance off line.

1. In Proventia Manager, select Maintenance Filter DB.


2. Click Get Local DB.
Updating the
database

To update the Web Filter and Antispam Database:


Note: Updating the database does not take the appliance off line.

1. In Proventia Manager, select Maintenance Filter DB.


2. Click the message Click here to update an existing database.

28

Chapter 5

Maintenance Tools
Overview
Introduction

This chapter explains how to use the maintenance tools.

In this chapter

This chapter contains the following topic:


Topic
Working with Maintenance Tools

Proventia Network Multi-Function Security Administrator Guide

Page
30

29

Chapter 5: Maintenance Tools

Working with Maintenance Tools


Introduction

Traceroute
protocols

This topic describes how to use the maintenance tools to do the following:

start or stop the appliance

use the traceroute utility to provide a list of all the routers along the path to a
computer or destination

ping a computer on your network to determine whether it can be contacted

reconnect the PPPoE on the external interface

release and renew a DHCP lease for the external interface

You can use two types of protocols for the traceroute utility:
Protocol

Description

UDP

The UNIX traceroute command. When you select a UDP traceroute protocol, the
appliance sends a UDP packet to a random port on the target host. The Time to Live
(TTL) and the destination port are incremental for each ICMP Port Unreachable
message that is returned, or until 30 hops are reached.

ICMP

The Windows tracert command. When you select an ICMP traceroute protocol, the
TTL and the destination port are incremental for each ICMP Echo Request
message that is returned, or until 30 hops are reached.

Table 10: Traceroute protocol descriptions

Opening
maintenance tools

To open the maintenance tools in Proventia Manager:


Note: You cannot access the maintenance tools in the SiteProtector Console. You must
access them locally in Proventia Manager.

Working with the


tools

Select Maintenance Tools.

To use the maintenance tools:


1. Open the maintenance tools in Proventia Manager.
2. Do one of the following:
If you want to...

Then...

reboot the appliance

click Reboot.

stop the appliance

click Shutdown.

ping a computer

type the IP address of the computer you want to ping in the


Ping field, and then click Submit.

trace the route to a


device

1. Type the IP address you want to trace in the Traceroute field.


2. Select a protocol in the Protocol section:
UDP (User Datagram Protocol)
ICMP (Internet Control Message Protocol)
3. Click Submit.

30

Working with Maintenance Tools

If you want to...

Then...

reconnect the PPPoE


connection on the
external interface

click the Reconnect button next to Reconnect PPPoE


Connection in the Network Connection section.

release and renew the


DHCP lease for the
external interface

click the Renew button next to Renew DHCP lease in the


Network Connection section.

Proventia Network Multi-Function Security Administrator Guide

31

Chapter 5: Maintenance Tools

32

Chapter 6

Back Up and Recovery


Overview
Introduction

This chapter provides information about how to back up and restore your policies and
how to create and restore full system backups.

In this chapter

This chapter contains the following topics:


Topic

Page

Policy Backups

34

Full System Backups

35

Proventia Network Multi-Function Security Administrator Guide

33

Chapter 6: Back Up and Recovery

Policy Backups
Introduction

A policy backup (or settings backup) file contains all your appliance policies, including
policies for networking, appliance access, network objects, firewall, and antivirus. The
appliance comes with a policy backup file labeled FactoryDefault.settings that includes the
default appliance policies. Since you can store multiple policy backup files on the
appliance, we recommend that you keep the default policies for troubleshooting
purposes. Do not use policy backup files to distribute policies to multiple appliances. ISS
recommends that you use SiteProtector to distribute policies to multiple appliances.
Note: Policy backup files are referred to as settings snapshots and settings backups. These
files are all the same.

When to back up
policies

You should back up your policies as soon as possible after you configure the appliance for
deployment. You should also back up your policies on a regular basis.
Important: Use a unique name for the backup policy file.

Restrictions

Backing up and
restoring policies

The following restrictions apply:

A policy backup file is model specific. The policy backup file is only compatible
among appliances with the exact same model. (You cannot back up policies on one
model, and then restore that policy on a different model.)

Policy (settings) backups made on older firmware releases may not restore properly
on newer firmware releases.

If your appliance is registered with SiteProtector, you must unregister the appliance
from SiteProtector before you back up your policies.

To back up or restore policies:


1. In Proventia Manager, select Maintenance Backup and Recovery.
2. Select the Settings Backup tab.
3. Do one of the following:
If you want to...

Then...

back up settings

1. Click the Add icon, and then type a name for the backup file.
2. Click Create.

restore settings

select the file, and then click Apply.

delete a backup file

select the file, and then click Delete.

download a backup file

select the file, and then click Download.

upload a backup file

1. Click Add.
2. Type the filename, or click Browse to locate the file.
3. Click Upload.

34

Full System Backups

Full System Backups


Introduction

A full-system backup file contains a complete image of the appliance and its operating
system. You can restore the entire system from a full system backup. You should always
create a full system backup before you apply a firmware update.

Restrictions

The following restrictions apply:

Creating and
restoring full
system backups

You can store one full-system backup file on the appliance at any given time. When
you create a new full-system backup file, you overwrite the existing full-system
backup file.

Creating a full system backup takes the appliance off line for several minutes.

Full-system backups for version 1.7 or earlier are not compatible with version 1.8 or
later. Upgrade from version 1.7 to version 1.8 or later, and then create the full-system
backup.

To create or restore a full system backup:


1. In Proventia Manager, select Maintenance Backup and Recovery.
2. Select the Full Backup tab.
3. Do one of the following:
To...

Do this...

create a full system


backup

restore a full system


backup

click Create System Backup.


Note: You cannot access the appliance during the backup or
restore process.
1. Click Restore from Backup, and then click OK.
Note: You cannot access the appliance during the backup or
restore process.
2. Close all Web browser windows, and then clear your Java
cache.
Important: If you dont close all browser windows and clear
the Java cache, Proventia Manager might not function properly
after you have restored the system. For instructions about how
to clear the cache, see the documentation for your operating
system.
3. Wait at least five minutes before you access the appliance.

Proventia Network Multi-Function Security Administrator Guide

35

Chapter 6: Back Up and Recovery

36

Chapter 7

System Diagnostics
Overview
Introduction

This chapter describes the system diagnostics utility and provides instructions on how to
run it.

In this chapter

This chapter contains the following topics:


Topic

Page

About System Diagnostics

38

Running Diagnostics and Downloading Test Results

41

Proventia Network Multi-Function Security Administrator Guide

37

Chapter 7: System Diagnostics

About System Diagnostics


Introduction

Limitations

When to run the


tool

What tests are


available

Serial number and


model tests

The system diagnostics utility is included on the recovery CD for your appliance and
provides a way to check for the following types of hardware failures:

network interface failures

hard disk failures

file system errors

certain general hardware errors

The utility does not detect the following:

a single failed power supply on appliances with dual supplies

a single failed drive in a RAID mirror

bad memory

You can run the utility at the following times:

before you deploy a new appliance

before you deploy a replacement appliance

when you suspect there is a hardware issue with the appliance

when Technical Support requests it

The utility provides four classes of diagnostic tests available:

serial number and model

disk

network

event log analysis

The following table describes serial number and model tests:


Test

Description

Model test

Verifies that the appliance model matches the recovery CD used.

Serial number test

Verifies that the appliance serial number is either 9 or 13 digits.

Table 11: Serial number and model test descriptions and considerations

38

About System Diagnostics

Disk tests

You can skip all disk tests by specifying nodisk. The following table describes disk tests:
Test

Description

Badblock test

Finds invalid disk sectors. Each test takes approximately one hour
except when run on the M10, M10e, and M30 models. On these
models, each test takes approximately two hours.
Parameters:

Files system test

To run this test multiple times, use the dtbb=<number>


parameter.

To skip this test, use the dtbb=0 parameter.

Checks the integrity of the linux file system on the appliance but
does not necessarily indicate failure.
Parameters:

To skip this test, use the nofsck parameter.

To resolve most file system errors:


1. Reboot the device normally.
2. Log in as the root user.
3. Type reboot.
4. Reload the system diagnostics.
If this does not resolve a file system error message, you may
need to reimage the appliance.
SMART drive test

Checks the hard drive error log for signs of failure. This test is
available on the following models that dont have multiple disks:
M10, M10e, M30, M30e, MX1004, and MX3006.
Parameters:

To skip this test, use the nosmart parameter.

Table 12: Disk test descriptions and considerations

Network tests

You can skip all network tests by specifying nonet. The following table describes network
tests:
Check

Description

Network port count check

If this test fails, the appliance may require RMA replacement.

Network interface self test

Determines whether all interfaces are plugged in. Any interface


that is not plugged in shows up as failed.
Parameters:

To skip this test, use the nonetself parameter.

Table 13: Network test descriptions and considerations

Proventia Network Multi-Function Security Administrator Guide

39

Chapter 7: System Diagnostics

Check

Description

Network traffic test

Checks the interface traffic flow. Cables must be connected to the


interfaces to run this test.
Example cable connections on MX5010
Cable connections will be similar on other models.

Connect eth0 to eth1

Connect eth2 to eth3

Connect eth4 to eth5

Connect eth 6 to eth7

Connect eth8 to eth9

Parameters:

To skip this test, use notraffic parameter.

Important: Immediately before this test begins, you have


approximately 30 seconds to verify that the cables are correctly
connected. The delay may be longer depending on your appliance
version.
Important: Do not run earlier versions of system diagnostics on
M10, M10e, and M30e models because the test always fails, even
when the interfaces are not defective.
Table 13: Network test descriptions and considerations (Continued)

Event log analysis


tests for the M50
appliance

40

On the M50 appliance, event log analysis tests check for fault indicators or messages such
as the following:

critical interrupts

system POST errors

system temperature issues

Running Diagnostics and Downloading Test Results

Running Diagnostics and Downloading Test Results


Introduction

This topic explains how to run the system diagnostic utility and download the test results.

Considerations

Consider the following before you run the utility:

running system diagnostics takes the appliance off line completely.

running all tests takes the appliance offline for one to two hours.
Note: The test takes two hours for the M10, M10e, and M30 models.

Requirements

you must recable the appliance network interfaces before you run the network tests.

Before you run the utility, verify that you have the following:

computer
Note: A computer is required if you want to download the results.

Computer
requirements

red Ethernet crossover cable

serial cable

recovery CD

If you are connecting a computer to the appliance for this procedure, verify the computer
requirements:
Note: No software is installed on the computer during this process.
Requirement

Description

BIOS Settings

Computer must be configured to allow it to boot from the CD drive.


Reference: For information on how to check or change your BIOS
settings, see your computer documentation or go online and
search for instructions. Commonly, pressing F12 during bootup
allows you to specify booting from a CD.

CPU

Pentium II or compatible

RAM

64MB

Drive

IDE CD-ROM Drive

Serial port

COM1

Network interface card

3Com 3c905C

Intel PRO/100 or PRO/1000

3Com 3c574 or 3Com 3c575

Netgear FA511 or Netgear FA411

Intel PRO/100 S Mobile Adapter

ISS supports only the listed network cards. The Proventia M50
appliance automatically detects network interface cards.
Table 14: Computer requirements

Proventia Network Multi-Function Security Administrator Guide

41

Chapter 7: System Diagnostics

Running diagnostics
on M50s

To run system diagnostics on M50 appliances:


1. Connect to the appliance:
Tip: To view output and download diagnostic files after you run the tests, you must
connect a computer to the appliance using the serial cable.
If you are using a...

Then...

computer

1. Connect the serial cable from your computer to the serial port
on the appliance.
2. On the computer, use an application such as HyperTerminal to
configure a terminal connection between the computer and the
appliance. Use the following settings:
Port = COM1 or other appropriate port
Bits Per Second = 9600
Data bits = 8
Parity = None
Stop bits = 1
Flow control = None
3. Start the connection.

keyboard and monitor

connect the keyboard and monitor to the appliance.

2. Remove the front bezel.


3. Insert the Recovery CD in the appliance CD drive.
4. Restart the appliance.
5. When you see the boot: prompt, press TAB for the diagnostics menu.
Important: If you plan to run network diagnostic tests, you must recable the device

by connecting crossover cables between all interfaces. Connect ETH0 to ETH1, port 2
to 3, and so on.
6. Do one of the following:
If you want to...

Then...

run all four classes of


system diagnostic tests

type sysdiag, and press ENTER.

skip diagnostic test

type sysdiag parametername.

Example: sysdiag nodisk


Tip: Optional parameters and descriptions are listed on the
screen. You can specify multiple parameters by placing a space
between parameters.

Running diagnostics
on all other models

To run system diagnostics on the M10, M30, MX1004, MX3006, MX5010, or any other Mseries models that do not include a built-in CD drive:
1. In Proventia Manager, select Maintenance Tools.
2. Click Shut Down.
3. Turn off the appliance, and then disconnect it from the network.

42

Running Diagnostics and Downloading Test Results

4. Connect the serial cable from the console port on the appliance to the serial port on
your computer.
5. Connect the red Ethernet crossover cable from the internal (ETH0) port on the
appliance to the Ethernet port on your computer.
6. Insert the recovery CD into the CD drive on your computer, and then restart the
computer.
7. Wait until you see the following message:
***You may now boot your Proventia Appliance via the network***
***Starting Terminal Emulator***
***Press Control-G to Exit and Reboot***
8. If you plan to run network diagnostic tests, you must now recable the device by
connecting crossover cables between all available interfaces except for ETH0 and
ETH1. Connect port 2 to 3, port 4 to 5, and so on.
Important: In the next step, you have only five seconds to press L after the Press L

prompt appears.
9. Turn on the appliance and watch the screen closely for the Press L prompt.
10. When you see the Press L to boot from LAN prompt, press the L key.
11. When you see the boot: prompt, press TAB for the diagnostics menu.
12. Do one of the following:
If you want to...

Then...

run all four classes of


system diagnostic tests

type sysdiag, and then press ENTER.

skip diagnostic test

type sysdiag parametername.

Example: sysdiag nodisk


Tip: Optional parameters and descriptions are listed on the
screen. You can specify multiple parameters by placing a space
between parameters.

13. Wait until you see the messages:


Loading installer
Loading filesystem
Booting, please wait
14. Unplug the network cable from the computer.
15. Connect the remaining two appliance interfaces (ETH0 and ETH1) to each other.
About test results

After the tests are finished, the results are displayed on a summary screen and included in
the following file:
/tmp/sysdiag_<serial>.tgz
Caution: All output, logs, and diagnostic files are stored in memory only and are lost

when you restart the appliance. To preserve the files, you must transfer them to another
system over the serial cable. Depending on the version of the system diagnostics utility
you are running, the utility may provide an option to copy the file to an external USB
drive.

Proventia Network Multi-Function Security Administrator Guide

43

Chapter 7: System Diagnostics

Copying results file

To copy the sysdiag_<serial>.tgz test results file to another system:


1. Start the computer connected to the appliance.
Important: Do not restart the appliance itself.

2. Start a HyperTerminal connection using the following values:

Port = COM1 or other appropriate port

Bits Per Second = 9600

Data bits = 8

Parity = None

Stop bits = 1

Flow control = None

3. Press ENTER to get a bash prompt.


4. At the prompt, type download.
5. Type exit to safely turn off the appliance.
6. Locate the file on your local system.
Tip: The default location is the following:

C:\Documents and Settings\<username>\sysdiag_<serial>.tgz

44

Chapter 8

Support
Overview
Introduction

This chapter provides information about how to generate files used to troubleshoot issues
with customer support.

In this chapter

This chapter contains the following topic:


Topic
Generating Support Files

Proventia Network Multi-Function Security Administrator Guide

Page
46

45

Chapter 8: Support

Generating Support Files


Introduction

This topic explains how to generate a support file that can be used to troubleshoot
technical issues with customer support.

Contacting
customer support

To contact customer support:

Creating and
downloading
support files

In Proventia Manager, select Support Support Contacts.

To create or download a system support file:


1. In Proventia Manager, select Support System Support File.
2. Do one of the following:
To...

Do this...

create a file

select Generate Support Data File.

download a file

1. Select the radio button next to the file, and then click the
Download icon.
2. At the message prompt, click OK.
3. Follow the prompts to save the file to your hard drive.

46

Index

appliance
rebooting 30
shutting down 30

manual appliance updates

operating system
back up and recovery

backup and recovery


full system 35
policies 34

Internet Security Systems


technical support 8
Web site 8

o
35

ping command 30
policies
backing up 34
PPPoE
reconnecting the connection
PXE boot server 24, 41

c
conventions, typographical
in commands 7
in procedures 7
in this manual 7

31

d
DHCP
releasing and renewing leases 31
DHCP leases, releasing and renewing
documentation, locating 6

14

31

reinstalling appliance firmware


procedure for M50 2425
procedure for Mx1004 24, 26
procedure for Mx3006 24, 26
requirements 25

Filter Database
obtaining full version 28
updating existing 28
firmware updates
installing manually 14
full backup 35

security content updates


installing manually 14
removing manually 15
system support file 46
system tools 30

Proventia Network Multi-Function Security Administrator Guide

47

Index

t
technical support
contacting 46
system support file 46
technical support, Internet Security Systems
traceroute command 30
traceroute protocols 30
typographical conventions 7

u
updates
alternate update servers 16
downloading updates 14
finding updates 14
installing updates manually 14
obtaining from SiteProtector 16
removing security content updates
rolling back updates 15
troubleshooting 15

15

w
Web site, Internet Security Systems

x
X-Press update server

48

16

You might also like